Network scanner for global document creation, transmission and management

ABSTRACT

A network scanner, communication protocols, and client and server programs and are provided which provide an improved way to transmit legally binding documents, obviating the need for outmoded, legacy fax transmissions. Using the network scanner, a document may be scanned and transferred directly into any shared folder inbox residing on any computer attached to the Internet. Enhanced server systems and network communications and messaging protocols are provided that are more practical to use than email for sending documents such as executed legal documents or other documents requiring robust integrity and authenticatability. Similarly, the inventive network scanner, server systems and communication protocols provide improved ways to perform large file transfers and to manage bandwidth to minimize problems associated with uploading/downloading large files as attachments to/from email servers and for enabling user control over VoIP quality during file transmission sessions.

RELATED APPLICATIONS

The present application is a Continuation-In-Part (CIP) of parentapplication Ser. No. [not yet received] [docket number EMD/BAW.001],filed Sep. 1, 2004, for an invention entitled “Methods, Smart Cards, andSystems for providing portable Computer, VoIP, and ApplicationServices”, by the present inventors, the disclosure of which is hereinincorporated by reference in its entirety. Applicants hereby claim thebenefit of the earlier filing date of the above-referenced parentapplication.

FIELD OF THE INVENTION

This invention relates generally to electronic document creation,storage, transmission, and management. More particularly, the inventionrelates to methods and systems for inputting printed paper (“hard copy”)documents by scanning them into an electronic format and sending theresultant electronic documents to local storage and/or to a remotelocation.

BACKGROUND OF THE INVENTION

Fax technology has been in use now for several decades and allows paperdocuments to be scanned, digitized, and transported via analog telephoneconnections using the G3 fax protocols and modem technology. As theInternet grew to become ubiquitous, Internet based fax server technologywas introduced in order to allow faxes to be received and forwarded torecipients via email.

Internet fax services, generically known as “efax” services, add manybenefits beyond standard analog fax machines. Using these services,people can fax documents to a recipient's fixed published fax telephonenumber, but the fax can be received and printed out from any location inthe world that provides Internet access. Further, such efaxtransmissions received over a broadband Internet connection do not tieup a telephone line during the reception of the fax, although thetransmitting fax still ties up a telephone line and experiences theper-page telephonic transmission delay. Yet further, as long as the efaxuser has access to a scanner, efax services eliminate the need for a faxmachine, provide superior image quality, and provide a host of otheruser/worker productivity/efficiency advantages. For example, with efaxservices, the user/worker need not worry about replacing the fax machineink cartridge, reloading a document feeder tray, fax machine maintenanceand repair, downtime due to fax machine malfunction, clearing paperjams, etc. In general, efax technology provides a faster, cheaper,superior, and more efficient way to create and transmit documentsthroughout the entire world, as compared to using conventional faxmachines.

While efax technology is typically used to receive faxes (inboundtechnology, also known as “fax-to-email”), efax technology can also beused to send faxes (outbound technology, also known as “email-to-fax”).With email-to-fax technology, a subscriber typically sends an email witha scanned image file attachment (e.g., .tif or .pdf), to a subscriber'soutbound fax-to-email address. When the email is received at thisaddress, the server inspects the subject field for a telephone numberand causes an outbound telephone call to be made to a fax machine, andthe fax is transmitted via standard G3 fax signals to a recipient faxmachine across the telephone network. The email-to-fax server system maybe distributed and route the fax as an email to a local point ofpresence (POP) and make a local outbound fax call to minimize telephonetoll charges.

A somewhat hybrid offshoot of the above technologies is called Ematetechnology. With Emate technology, special fax machines are used thatallow a user to enter an email address into a fax machine, make atelephone call to a fax-to-email server, and transmit the fax usingstandard G3 type analog fax signals. A fax-to-email type server thenreceives the fax call, extracts the email address therefrom, convertsthe fax to an image file format (like .tif or .pdf), attaches the imagefile to an email, and sends the resultant efax to the specifiedrecipient email address. Among other reasons, because the Emate solutionrequires a special type of fax machine, and further, still requires afax-to-email server, this technology has not been widely adopted.Instead, fax-to-email services prevail in the marketplace, and usersinterested in receiving faxes as emails subscribe to such services,e.g., those offered by j2 Global Communications, Inc.

Throughout this application, it should be noted that an “image file”generally refers to a file in an image file format, such as a .pdf fileor a .tif file. Often the image file is a bit mapped file (.bmp file).If OCR (optical character recognition) is used, the image file can bestored with less bits than a bit-mapped image, and can also be madesearchable and computer manipulable.

Another presently available technology is a multifunction fax machine. Amultifunction fax machine can be used as an ordinary fax machine to sendfax messages using the G3 fax protocol across standard telephone lines.Similarly, the multifunction fax machine can be used as a printer, andalso as a scanner. Typically, the resolution for copies is not as goodas a standard copy machine, but this is an implementation issue.Multifunction fax machines find use mainly in small office/home office(SOHO) environments because there is typically limited space to houseseparate copy machines, printers and fax machines.

While these various hybrid Internet fax solutions have extended the lifeof fax technology, it has become apparent to the present inventors thatfax technology is, in and of itself, dated and cumbersome. What isneeded is a universal network-based scanning technology that caneliminate the need for fax machines altogether, enabling a newgeneration of enhanced document creation, delivery and managementsystems.

Modern computer technology offers many ways to attach electronicdocuments of all kinds to emails and to globally transmit them toend-user email accounts, and/or using FTP or other protocols. However,current computer technology is lacking in certain ways, and this void isstill being filled by fax technology. Fax technology is still theaccepted way of remotely and electronically executing legally bindingdocuments like contracts, agreements and purchase orders. Using existingtechnology, scanners can be used to scan documents, and the scanneddocument can be attached to en email and sent from a computer to adestination email address. However, because computer technology canreadily be used to alter documents in electronic form and is susceptibleto hacking and spoofing, such documents are not as well trusted asdocuments faxed by legacy analog fax machines.

A recent addition to the field is a scanner system (or combined scannersystem with any combination of the following extra functions:copier/printer/fax) where a user can drop a document into a paperfeeder, enter a destination email address, and transmit the scanneddocument to the destination email address. This new functionality iscalled “scan-to-email.” While such functionality is a step in the rightdirection, it is lacking in many ways. First of all, the scanner oftencreates large bitmap files. Bitmap files are often desired forelectronically transmitted legal documents because they are not asreadily computer manipulable as text based documents and therefore areperceived as being more secure.

When sending bitmapped images, the files rapidly become too large to beprocessed by an email server, so that, for example, a sender sendingtwenty or so color pages from a magazine, might have to break the scanjob into fifteen separate email transmissions. If a large contract needsto be executed, even though it is in black and white, it would not beacceptable to break it into many pieces to make it fit through email.Because time is so expensive, a technology that requires both a sendingoperator and a recipient to wait long times for uploads and downloadsmay in some ways be worse than fax. At least with fax, the recipient canbe doing something else while the fax comes in, assuming no paper jamsand/or other fax machine malfunction and/or communication link failureoccurs during the transmission.

Other important features are also missing from modern scanners that canbe attached to networks and which have a scan-to-email capability. Whileuser authentication is used to allow a user to enter an email accountand other types of user accounts, no user authentication techniques havebeen combined with the scanner to positively identify a user and linkthe positively-identified user with a particular scanned document. Thereis a long-felt need for an improved computerized system for transmittinglegally binding documents via electronic means other than costly andcumbersome fax technology, and this need is as yet unfilled, even by thecurrent generation scan-to-email technology. Rather, legacy fax machineswhich are slow, costly, and of relatively poor image quality are stillused to transmit documents. Fax machines allow a recipient to know wherethe fax came from (caller ID log), and also allow the sender to dial atelephone number, hear it ring, hear it pick up, hear the machineshandshake, and see a transmission report message that indicates that allthe pages were sent properly. The recipient exercises physical controlover a hard copy document sent by analog fax means that went straightfrom paper to telephone signals and now to his/her fax paper output, sothe user is more or less sure the fax was not altered electronically.Hence conventional analog fax transmissions are typically more trustedthan scanned email attachments and, therefore, fax transmissions arestill required by most companies to execute agreements, to send orreceive purchase orders or purchase order modifications, and otherdocuments which have evidentiary value and/or require a high level ofdocument integrity.

For these reasons, in current practice, fax machines are often used toexecute legal documents such as contracts. When the fax is received, thefaxed signature is accepted as legally binding. However, in reality,this provides only a light form of security. For example, a signaturecould be taken from a first contract and pasted onto a second contract,copied, and then faxed. By simply cutting, pasting, and copying with acopy machine, a document can be easily forged and faxed. With the olderanalog fax technology, nobody really knows who actually created and/orfaxed the document being transmitted. Also a forger can easily enter afalse sending-fax telephone number to be printed on each received faxpage. That is, while analog fax technology is accepted as legallybinding, the inventors recognize that this is out of historicalnecessity for lack of a better technology, not for technical reasons.

In addition to the above-described drawbacks and shortcomings of currentscan-to-email technology, such as the lack of sender authentication andthe inefficiencies of large bitmap files, email is not an ideal mediumfor important business transactions because a user is never really surethe email ever got to its destination. Too many times a large attachmentis sent and some email server along the way simply deletes it and neversends it on to its intended destination. Therefore no one can ever surean email will get through to its intended destination, especially ifthere is a big file attachment. Nobody wants to send a fifty pagecontract and have no idea whether it was received without having to callthe recipient and ask. Also, large documents often experience long emaildelays, so that even calling and asking for confirmation of receipt isnot always effective.

Consider trying to file an IDS with the USPTO with 150 pages ofreferences using scan-to-email technology as opposed to fax technology.With fax technology, this process would be so slow and onerous that mostpeople would just send it through the mail. However if someone did spendthe time to fax it, at least they would know, if there were no paperjams and/or communications glitches along the way that made them startover, that all the pages were received by the USPTO and would be filed.However, if scan-to-email technology were used and a USPTO email addresswere supplied to accept incoming documents, the sender would have no wayto be sure the USPTO ever received the large email attachment. Althoughan auto-reply email function can be used to indicate receipt of theemail message, there is presently no mechanism for the email recipientto automatically confirm receipt of any email attachment. Again, thepractitioner would rather use regular mail than scan-to-email for thisreason. Hence, there are significant improvements that need to be madebefore a technology like scan-to-email can receive widespread acceptanceand ultimately become a global standard for document creation anddelivery to replace fax technology in the marketplace.

What is missing in the art is a technology that can be used to securelyscan documents and seamlessly transmit resulting image files to anylocation across the globe without the need to convert them to analog faxsignals and to transmit them across the public switched telephonenetwork (PSTN). It would be advantageous to be able to supply suchfunctionality without the need to employ expensive fax server systemsthat use special purpose boards to receive fax signals via telephonelines and to convert the fax signals to image format files or FoIP(fax-over-IP) signals. It would be advantageous to be able to securelysend laser quality documents to any point in the world. It would beadvantageous to have a technology to securely execute documents to enterinto legal contracts remotely. It would also be advantageous to have atechnology which would enable the creation of a remotely transmittableelectronic document having evidentiary integrity from a hard copy inputdocument, preferably without the need for specialized infrastructureand/or specialized services for performing e-mail-to-fax and/orfax-to-e-mail conversions remotely of the point of creation of thetransmittable document. It would be further advantageous to have a newtechnology that does not merely convert lower quality fax transmissionsto image files and transmit them as attachments to emails, but ratherstarts from the ground up to provide a fully integrated global documentcreation and delivery system that uses existing Internet and/or othercommunications network transport protocols and new inventive applicationprograms and protocols to integrate document creation and delivery withmodern computer technology. It would be desirable to vastly improve uponthe newly introduced scan-to-email technology to make it more convenientto use by providing improved user interfaces, improved networktransmission methodology, confirmation of receipt by the recipient, andintegrated document authentication, sender authentication, and securityfunctions. It would be yet further advantageous to implement such a newtechnology in a network-sharable device, such as a “network scanner”.

In sum, there presently exists in the art a need for an electronicdocument creation and delivery method which overcomes or minimizes thedrawbacks and shortcomings of the presently available technology, andwhich provides some or all of the advantageous features described abovewhich are presently missing from the art. The present inventionaddresses this need in the art.

SUMMARY OF THE INVENTION

In one of its aspects, the present invention encompasses a networkscanner which includes an optical document scanning arrangement with ascanning surface for document scanning, an image digitizing subsystemoperative to produce an image file from a set of one or more scannedpages, and a computerized subsystem including a processor, a memory, anetwork interface, an optional smart card interface, and computersoftware resident in the memory, such as application and communicationssoftware. A GUI is provided for facilitating human-machine interactions,including, for example, GUI functions which enable a user to control andmanage the creation and transmission of electronic documents from sourcehard copy input documents. A network interface is provided forcommunicating across a computer network.

The present invention, in another of its aspects, encompasses inventivedocument transmission protocols which enable the provision of a newservice, hereby dubbed “scan-to-folder”, that allows a user to scan adocument and have it inserted directly into a file folder in a computerlocated anywhere in the world. Among other advantages, this novelscan-to-folder service relieves the recipient of the need to wait forthe scanned file to be downloaded from an email server and eliminatesthe uncertainty of email transmission due to the failure of intermediateemail servers to properly forward or route the scanned file to theintended destination. The transmitted scanned file may be positivelyauthenticated with a digital signature of the person sending thedocument to provide stronger sender authentication security than thatprovided by a fax caller-ID log. Also, in accordance with a preferredaspect of the inventive scan-to-folder protocols, a recipient protocolentity, after having received the document, sends back a confirmationreport indicating the number of pages properly received, or optionallycomputes a cryptographic hash function (preferably using public-privatekey cryptology procedures) on the document and sends back a reduced sizehash so the sender can be 100% sure the scan-to-folder document wasreceived intact at the distant end and did not get “lost in the email”or corrupted or modified during transit.

The GUI preferably allows a user to specify a destination applicationlayer Internet address such as an email or FTP or SIP address to whichto send the scanned image via the network interface. A smart cardinterface is preferably also provided to accept a smart card thatincludes user authentication data. This allows users to digitally signdocuments, log into VPN protected networks, and/or to supplyuser-specific data to the network scanner. For example a user may wishto access his/her personal email account and have access to addressbooks and the like while operating the network scanner. A biometricsecurity device may also or alternatively be incorporated into thenetwork scanner to provide virtually inviolable authentication of thesender positively linked to documents transmitted by the authenticatedsender for evidentiary and/or security purposes. Also, smartcardlessembodiments are possible by having a user provide a user name and apassword in order to facilitate access to user-specific informationnormally held on the smart card from a networked storage account.

The present invention solves many fundamental problems latent in theprior art. The network scanner of the present invention is especiallyuseful in environments where broadband access is available. For example,the network scanner can be used in any environment where network accessis available, such as in corporate LANs, home networked environments, orpublic WiFi hotspots. With the network scanner, a document can be loadedinto a paper feeder, scanned, and transmitted to a local storage area,uploaded to a server, sent as an email attachment to a recipient, and/orcan be coupled via a secure network session (over any wired or wirelesscommunications network) to any type of server, PC, handheld device,workstation, storage-equipped Internet appliance, device, or equipmentcoupled to the Internet. Various authentication methods such as the useof smart cards, biometric IDs, server side certificate accountsrequiring user name and password, digital signatures, and encryption maybe seamlessly used to verify to the recipient that the scanned documentwas inserted into the scanner and/or sent by the person who correctlyexecuted the scanned document. Hence, the present invention provides amuch more secure and efficient way to execute legally binding documentsremotely and electronically than is possible with prior art fax and/orscan-to-email based solutions. The alternate file, folder and documenttransmission protocols and methods disclosed herein will cut billions ofhours per year that people would otherwise spend downloading fileattachments from email servers or sending them via fax. Additionally,other aspects of the present invention, such as the security and receiptconfirmation techniques, can be employed to vastly improve currentscan-to-email systems, and to render such electronic document creationand delivery systems suitable for applications and uses which arecurrently only being met by conventional, analog fax technology, withall of its many drawbacks, disadvantages, and shortcomings.

BRIEF DESCRIPTION OF THE DRAWING

The various novel features of the invention are illustrated in thefigures listed below and described in the detailed description whichfollows.

FIG. 1 is a block diagram representing a network scanner constructed inaccordance with an exemplary embodiment of the present invention.

FIG. 2 is a flow chart illustrating a method that allows a networkscanner to provide an enhanced form of document communication that issimilar in ways to facsimile communications, but much more secure andconvenient.

FIG. 3 is a block diagram representing the architecture of inventiveunified client software that allows users to manage both emails andscan-to-folder data messages.

FIG. 4 is a block diagram illustrating a transport service preferablyused and controlled by the inventive unified client software illustratedin FIG. 3.

FIG. 5 is a block diagram illustrating a direct session server used insome embodiments to help transfer documents from a remote computer to atarget computer.

FIG. 6 shows a flow chart of a network application program used toremotely execute legally binding contracts and agreements between two ormore parties.

DETAILED DESCRIPTION OF THE INVENTION

This application is a continuation-in-part (CIP) of the presentlypending U.S. patent application entitled “METHODS, SMART CARDS, ANDSYSTEMS FOR PROVIDING PORTABLE COMPUTER, VOIP, AND APPLICATIONSERVICES”, by Dowling and Westerlund, filed on Sep. 1, 2004 [DocketNumber EMD/BAW.001], the disclosure of which is incorporated herein byreference in its entirety. All of the disclosure of the presentapplication is explicitly combinable with the disclosure of the parentapplication to form various combinations of systems whereby the networkscanner takes the place of or operates in conjunction with the VoIP orFoIP device in the parent application. Likewise, any of the network andserver functions described in the parent application may be used toaugment the network based systems and methods described herein.

FIG. 1 illustrates an exemplary embodiment of the network scannerapparatus 100 (“network scanner”) of the present invention. The networkscanner 100 includes a scanner engine 105 which is implemented using ascanning surface with any known optical document scanning technology asused in presently available scanners, fax machines, and copy machines.Preferably, a high resolution scanner is used, and most preferably, onethat is capable of both black and white and color scanning. In apreferred embodiment, a paper feeder tray 110 (automatic documentfeeder) is provided and the scanning surface is also accessible to scanbook pages and the like that can not be processed through the paperfeeder tray. In some embodiments, the scanning surface is thinrectangular like present day fax machines and only paper input via thepaper feeder may be scanned. The output of the scanner engine 105 is adigitized scanned bit-mapped image, which is fed to a computerizedsubsystem. The computerized subsystem includes one or more processors115 coupled to one or more memory devices (collectively referred to as“the memory” 120). In some embodiments, the scanner engine 105 itselfhas a dedicated processor to aid in the image digitization process and,in other embodiments, a single processor is used to assist in thedigitization operations and to support other software functions.

A network interface 125 and an optional smart card interface 130 arecoupled to the computerized subsystem. The network interface 125 may bean Ethernet connector, a WiFi/802.11 wireless network interface, or anyother type of network interface (e.g., LAN). In some embodiments, thenetwork interface 125 may provide a WiFi gateway access function as wellas, for example, an Ethernet connection for coupling to the Internet.The smart card interface 130 may be a smart card slot reader, or maycommunicate via similar personal communications or computerized deviceslike PDAs capable of holding user-specific data. In some embodiments,the smart card interface 130 may be replaced by or augmented with abiometric scanner such as a fingerprint scanner. For further details,reference can be made to the parent application that is incorporatedherein by reference. The smart card reader and/or biometric sensorallows a user to provide strong authentication of the user's identity.For example, the user inserts his/her smart card, enters a user name andpassword or a PIN, and/or provides a biometric indication or input, suchas a thumbprint, into a biometric sensor or biometric security deviceprovided in some embodiments. The smart card preferably includes publicand private encryption keys and a digital signature for userauthentication. With such a system, a user may be positively identifiedand positively linked to a particular document scanned and transmittedat a specific time. As discussed previously, any discussion hereinrelating to functionality of a smart card could alternatively beimplemented via a wirelessly connected PDA type device or a passwordprotected network storage based user account.

The memory 120 is used to store data and to hold a set of computerprograms such as an operating system 135, communication software(protocol stacks) 140 to run the network interface 125 and the smartcard interface 130, and upper layer software like TCP/IP software. Alsocontained in the memory 120 are a set of application programs 145described hereinafter. In some embodiments the memory 120 may includemass storage for document and file storage and remote access.

The user interface preferably includes a GUI 150 that allows a user tomanipulate graphical objects, windows, and menus. Depending on theembodiment, keyboard inputs, pen type inputs and/or voice inputs withspeech recognition can be used. GUI interfaces similar to those that runon current day PDAs are envisioned as being preferable. In somemultifunction embodiments (primarily for SOHO applications), a printermay be incorporated into the apparatus as well to provide both scanningand printing capabilities from the same housing. In office environments,the present invention may be built into a large multifunction unit alsoacting as a printer and a high capacity copy machine.

In many preferred embodiments, the network scanner of the presentinvention looks like a conventional fax machine. In such embodiments, aVoIP telephone may optionally be built in to allow both telephone callsand document calls to be made, thereby providing an integratedscanner/VoIP device that has the look and feel of a conventional faxmachine but uses indigenous broadband network access and Internettransport technologies. Since at least some of the same componentsand/or circuitry can be used for implementing both the scanner and VoIPtelephony functionality (e.g., the same processor(s), memory(ies), andpossibly, the same call-setup application layer programs andcommunication protocols), the integrated scanner/VoIP device can be mademore compact and at a significantly lower cost, as compared to separate,standalone scanner and VoIP devices. In order to further reduce thefootprint of the integrated scanner/VoIP device, the scanning surfacemay be designed to be small so that only documents loaded into the paperfeeder can be scanned. Alternatively, standard WiFi access interface maybe provided by the network scanner that allows the network scanner tointerface with handheld wireless VoIP enabled telephone handsets (toinclude cordless type handsets and cellular phones that have the abilityto roam onto WiFi networks.

Notably, the same endpoint-to-endpoint connection or communications path(“communications link”) that is established when placing a VoIPtelephone call may be used to transmit a scanned electronic document tothe same party, so that the sending party can be speaking with thereceiving party while the document is being transmitted. For example, aTCP/IP control channel can be established by first sending a UDP messageto a distant end via the Internet. In some case the UDP (or a differentTCP/IP) address may be obtained by a SIP server. A first and second callchannel may then be established to carry the outgoing and incoming VoIPmedia streams, and a third media channel can be established fortransmitting the electronic document. This multi-channel connection canbe implemented using various technologies to include the H.323 series ofVoIP standards used to setup and maintain calls that carry voice, videoand other data types. Preferably, when establishing a multimedia call,the user, e.g., via the GUI 150, can selectively vary the bandwidthallocated to each socket or channel. For example, when documenttransmission speed is more important than voice quality, the user couldincrease the bandwidth allocated for the document transmission channelor socket, and, alternatively, if voice quality is more important thandocument transmission speed, then the user could increase the bandwidthallocated for the VoIP telephony channel or socket. Of course, adocument-only call could use a similar setup procedure to transfer thedocument via an established point-to-point transport pipe (e.g. TCP/IPdata channel connection) without the need to establish a VoIPconnection. Also, the SIP protocol may be used to determine the initialUDP or TCP/IP address needed to set up the call and/or control channelby looking up an address like eric@aol.com and generating an active IPaddress (or mobile IP address) therefrom.

The protocol stacks 140 are preferably provided as a portion of thesoftware and/or firmware to allow the network scanner 100 to communicatewith external computers, servers, and networks. For example, the networkscanner 100 may be connected to an Ethernet LAN, an Ethernet connectionto a router, an Ethernet connection to a cable modem, to a WiFi network(e.g., 802.11), Bluetooth, USB, wireless USB, FireWire, or any otherprotocol. In some particular embodiments, the network scanner 100 may becoupled directly to a single computer, and in other particularembodiments, the network scanner 100 may have its own link layer addresson a LAN, and may also have its own Internet (IP) address, for example,an IP address assigned to it by a domain controller (a DNS and/or DHCPcontroller). In a preferred embodiment, the protocol stack 140 alsoincludes transport and network software layers and is coupled to anapplication software layer, e.g., to application programs 145.

The application programs 145 include user input-output functions andcapabilities accessed via the GUI 150. For example, the applicationprograms 145 allow a user to use a Windows Explorer™ type application toview a file system located on a remote computer connected to the networkscanner 100 via any suitable wired or wireless communications network orcoupling, for example, via a direct coupling, via a LAN coupling via aTCP/IP connection to the Internet, or via a corporate Intranet. The GUI150 can also support specialized email client software designed to rundirectly on the network scanner 100. Additionally, the GUI 150 cansupport user authentication functions and can support a set of GUIs usedto implement the application program methods described hereinbelow. Ingeneral, the GUI functions enable a user to control and manage thecreation and transmission of electronic documents scanned from sourcehard copy input. Other types of application programs implement new typesof document, security, and communication protocols that allow networkbased scanners to provide enhanced functionality as describedhereinbelow.

In a preferred embodiment, the application programs 145 include softwarefor image and/or document compression. Many known compression algorithmsare used to compress documents, images, and other kinds of data files.In a preferred embodiment, the software resident in the network scanner100 implements a compression algorithm so that the resultant electronicdocument can be transmitted using fewer bits of data (and thus, usingless bandwidth). Preferably, lossless compression is used and anyauthentication data such as digital signatures are not altered by thecompression algorithm, or the authentication and/or encryption algorithmmay be applied directly to the compressed document. Also, differentresolution levels may be intelligently selected to reduce bandwidthneeds. For example, a black and white document would need fewer bits torepresent than a scanned color photograph.

It can be recognized that the network scanner 100 of the presentinvention uses fairly standard computerized hardware. Scanners are wellknown in the art, as is network interface hardware, smart card hardware,operating systems, and GUI interfaces. However, the present invention,among other things, encompasses a novel combination and configuration ofsuch conventional hardware elements, as well as novel software, toimplement the novel configurations and methodologies employed by thenetwork scanner of the present invention. One of ordinary skill in theart (e.g., a computer programmer) can easily implement the describedprogram functionality given the hardware architecture described aboveand the software and system level operational functionality describedbelow, in numerous ways that would each fall within the spirit and scopeof the present invention.

Referring now to FIG. 2, a method 200 constituting an exemplaryembodiment of an aspect of the present invention is illustrated in flowchart form, and particularly depicts a preferred embodiment of how theapplication software 145, the GUI 150 and the protocol stacks 140interact with the rest of the hardware to implement aspects of thescan-to-folder document communication protocols of the presentinvention. As is described below, many of the aspects of the inventionmay also be used to provide enhanced scan-to-email technologies as well.It should be noted that in the method 200, the functional blocks can berearranged in various configurations. All orderings and configurationsof the functional blocks in practicing the method 200 that result inoperative embodiments are contemplated, but for simplicity and ease ofdiscussion, only one representative ordering-embodiment of the method isdescribed.

The method 200 is typically implemented using a network scanner such asthe network scanner 100. To understand the method 200, envision anembodiment where the network scanner 100 looks just like a current dayfax machine, except that the user interface 150 looks more like a modernday PDA GUI that supports keyboard entry, mouse and/or pen entry, and adisplay surface that can provide a Windows™-type set of windows, menus,icons, dialog boxes and the like.

In accordance with the method 200, a user ID is accepted from a user ata step 205. As discussed in the examples below, this step can beaccomplished by the user inserting a smart card in a smart card readerintegrated into the network scanner 100 (or coupled thereto) andentering a PIN, entering a user name and password into a dialog box,pressing a thumb onto a fingerprint sensor, and/or any other inputmeans. Once the user has been identified, at step 210, the networkscanner 100 associates the user with a document to be scanned and/or auser account. The association of the user with the user account allowsscanned documents to be placed in preferably secure storage areasassociated with the positively identified user. Also, once the user isidentified, a set of user preferences may be accessed from the localscanner memory 120, downloaded from a networked computer or file serverthat holds user preference and customization/personalization data, orcan be read from a smart card or wireless PDA type device carried by theuser. For example, a customized GUI may be presented and the user may begranted access to a set of remote network resources and accounts such asemail accounts and/or other types of document transmission accountswhere address books and such are kept to facilitate electronic documenttransfer to various possible recipients.

The network scanner 100 may also connect to an external computer orserver to access a storage area associated with a user account in orderto write the scanned document to a particular location associated withthe particular user who is using the network scanner. Similarly, thememory 120 may include sufficient mass storage that the network scanner100 may associate the user with a designated area in local storage 120.This way the network scanner 100 can write a scanned document into alocal storage area associated with the user, and the user can laterretrieve the scanned file remotely using client software running onhis/her PC or workstation located across a network connection.

In an optional step 215, a user identifies one or more destinationlocations to place the scanned document. The destination location may beidentified as a file folder on the user's computer using a network widefile folder user interface to allow the user to specify to place thedocument in a particular folder within his/her own file directorystructure. Alternatively, or in addition, the user may want to send thescanned document to one or more inboxes (“shared folders” adapted toaccept external transmissions from other parties) associated with one ormore recipients. If the optional step 215 is not performed, the scannedfile can be stored locally within the memory 120 in an area where it canbe retrieved remotely by the user, once authenticated across thenetwork. Likewise, the file may automatically be scanned to apre-designated scan-input directory associated with the user but locatedon the user's computer or a file server where the user's files arestored. In this type of embodiment, the user may need to go back tohis/her computer to complete the other steps of the method.

Next, in step 220, the document is scanned. A set of one or morecryptographic algorithms may be optionally applied to the document topositively identify it with the user who scanned the document or whowill send the document. As discussed below, digital signature keysstored on a user's smart card may be applied to verify the identity ofthe user via digital signature. This way, if a user scans a signeddocument or a note asking for a change or the like, the user's digitalsignature may be used to ensure the recipient that the signed documentwas not altered or otherwise forged. This optional step provides muchhigher security than is provided by present day fax technology.

In step 230, a file transfer is performed using a communicationprotocol. Preferably, the user is presented (via the GUI 150) a menugiving the user a choice of different communication protocol options.Scan-to-email is one option, but the scan-to-folder protocols describedin more detail below may also be used, with the latter protocols beingpresently contemplated as the preferred protocols. For example, the filemay be scanned and placed into a file folder located in the user's filedirectory structure on a remote computer or file server, or may betransported across the Internet to a shared folder area on any thirdparty computer located anywhere in the world. As discussed below,various technologies such as FTP, SIP, and remote control/remote accesscomputer software (e.g., GoToMyPC™ like software) may be used to gainaccess to a writeable area in a directory structure on a remote computerassociated with the recipient (which could be the sender's own computeror a computer associated with a third party). The writeable area couldbe “public” or “private”. Access to a private storage area could becontrolled using filters, user authentication controls, access controls,and any other suitable private file access scheme or protocol. Access toa public storage area could be controlled using lighter filters andaccess controls, could be subscription-based and/or could be controlled,if at all, using any other suitable public file access scheme or spamfiltering-like protocol.

As discussed in connection with examples below, the transmission step230 may be carried out via a secure channel like a VPN connection(virtual private network), an SSL (secure sockets layer) session, and/oradditional security functions may be applied to the document itself byone or more of the application programs 145. Hence a full range ofauthentication, encryption, and access controls may be appliedseamlessly to provide much higher level security and a more userfriendly user interface than is provided by legacy fax technology.

In an optional step 240, a peer protocol entity in the computerassociated with the recipient analyzes the received document and sendsback a confirmation of receipt token. For example, the document may beanalyzed at the recipient computer and the recipient computer may sendback a reply message (preferably digitally signed by the recipientcomputer) stating that, for example, a document of 21 pages wassuccessfully received. In a preferred embodiment, a cryptographic hashfunction is applied at the recipient computer to provide verifiableproof that the document was received intact and unaltered. Transmissionintegrity algorithms are well known in the art and are often implementedusing public-private key algorithms. Transmission integrity algorithmsenable independent verification that the received document is identicalto the transmitted document. It will be appreciated that public-privatekey encryption algorithms have the salutary effect of authenticatingboth the sender and recipient of the document, since only the sender andintended recipient would have possession of the proper private keyrequired to encrypt and decrypt the document, respectively.

Alternatively, or in addition to such document encryption/decryptionschemes, in accordance with another novel aspect of the presentinvention, the intended recipient could be prompted to authenticatehimself/herself before being allowed access to the transmitted document(e.g., before being allowed to receive or open the transmitteddocument). For example, such recipient authentication could beaccomplished by means of the intended recipient inserting a smart cardinto a smart card reader coupled to or built into the intendedrecipient's computer (or network scanner), and then transmitting theuser ID/authentication information from the smart card to a remoteserver and/or to the transmitting party to facilitate verification thatthe receiving party is indeed the intended recipient. Alternatively, theintended recipient could be required to apply his/her thumbprint to abiometric sensor coupled to or built into the intended recipient'scomputer (or network scanner) in order to positively identify theintended recipient. The thumbprint information could then betransmitted, preferably over a secure network or transport pipe, such asa VPN transport pipe (to avoid identity theft), to a remote serverand/or to the transmitting party to facilitate verification that thereceiving party is indeed the intended recipient. Alternatively,application software could be provided to be installed on therecipient's computer to perform this recipient authentication function.This type of recipient access control adds a further layer of securityto the document management system of the present invention.

In a final step 250, a report or token is sent from the recipientcomputer back to the network scanner. The report or token can be loggedin an appropriate reception log file in the recipient computer filedirectory. At the network scanner 100, the report can be displayed tothe user via the GUI 150 and/or can be logged into a transmission logfile to tag a transmitted document as having been verified as receivedby the recipient or the recipient's computer. Such reports or tokenscould also be stored in an outbound log or electronic outbound filecabinet so a user could have a record of all documents sent along withconfirmation of receipt. This way, much like fax technology, the senderhas confirmation that the document was received, and the recipient hasconfirmation the document came from where it was sent unaltered.However, the present invention can transmit laser quality documentsanywhere in the world without the need to use costly telephone lines. Inaddition to superior image quality and significant cost savings,document transmission security and document integrity is much improvedover the presently available technology. Whereas faxed signatures can beeasily forged and manipulated, the digital signature embedded into thescanned document cannot.

In an alternative embodiment, an additional report can be sent back whenthe specified recipient user actually opens the document. For example, apeer application layer protocol entity at the distant end can send backa user specific receipt token once the actual recipient opens thedocument. In this manner, the sender not only can have confirmation thatthe document was received, but that it was received and opened by thespecific recipient. In applications like electronic filing at the USPTO,where a sender may wish to know when the documents he/she sent wereprocessed, but may not care by whom, the protocol entity at the distantend can send back a message verifying the document was opened, but notnecessarily verify the specific person who opened it. However, if theUSPTO, for example, wanted to hold individuals accountable for mistakesor otherwise wanted to know the person who handled a particulardocument, the token might identify the particular person who receivedthe document. Additionally, a digital signature can be applied to thereport or token sent from the recipient computer back to the networkscanner to further ensure that the party who actually received thedocument was the intended recipient.

It should be appreciated that a cryptographic hash function and/or otherdocument receipt verification function can also be used in conjunctionwith presently available scan-to-email systems in order to enhance theutility and acceptance thereof. For example, users of presentlyavailable scan-to-email systems typically choose to scan hard copydocuments into bitmap format (.bmp) electronic documents because bitmapdocuments are not readily computer manipulable and are thereforeregarded as more “secure”. As discussed previously, the use of a bitmapimage file format increases the document transmission bandwidthrequirements and/or the document transmission time, which significantlydetracts from the utility and acceptance of the scan-to-email system.However, once a digital signature or other form of robust documentintegrity/security (e.g., a biometric sensor input) is applied prior totransmission of the electronic document in accordance with themethodology of the present invention, then the particular image fileformat used does not affect the security/integrity of the transmitteddocument, because if someone later attempts to edit, alter, or otherwiseelectronically manipulate the received document at the recipientcomputer, the cryptographic hash will be destroyed, and thus, it can bedetermined that the integrity of the document has been compromised.Also, edit-resistant and edit-proof document formats may be used that donot allow the document to be modified. Thus, a compressed image fileformat can be used in lieu of a bitmap image file format for creatingand transmitting the scanned documents, thereby decreasing the requireddocument transmission bandwidth and/or document transmission time, whileat the same time actually enhancing the document integrity/securityafforded by the scan-to-email system, thereby significantly enhancingthe utility and acceptance of the scan-to-email system. Similarly, inaccordance with an aspect of the present invention, a return receiptemail message may preferably be automatically sent back to the senderwhen the recipient email server receives the document and/or when therecipient downloads and/or opens the attached document.

To illustrate the operation of a preferred embodiment of the presentinvention by way of example, consider a situation where a networkscanner in accordance with the present invention is located in acorporate environment that has a plurality of PCs and/or workstationsand possibly file servers and peripherals like networked printersattached to a switched LAN. Moreover, assume the LAN is connected to arouter so that all of the computers in the corporate environment areconnected via a corporate intranet. Now suppose a first user, “user A”,walks down the hall to an area where the network scanner is located.User A interacts with the network scanner via the GUI and/or a smartcard interface. For example, when the user enters either his/herusername and password or inserts his smart card and enters a PIN intothe network scanner, the GUI recognizes the user and shows a directorystructure that corresponds to user A's directory structure as maintainedon a corporate file server. User A then uses the Window's Explorer™ typeGUI to navigate to a particular folder where he/she would like to storethe document in his/her directory structure. Next he/she presses abutton or clicks a mouse, and runs the document through the feeder, soit can be scanned, digitized and stored as an image file. Next, theimage file is routed to the networked file server and stored in theselected sub-directory (folder) in user A's account. Similarly, a user Bcan walk down the hall from a different office, interact with the GUI,scan a document, and store the document in a subdirectory of user B'saccount selected by user B.

Much like a network based printer can be attached to a local areanetwork and accept print jobs from multiple users, the network scannerof the present invention can be attached to a local area network and canbe used to scan in a document, generate an image file and send the imagefile to be stored in a computer file folder (file system directory)associated with a particular user's computer account. As discussedbelow, this is but one use. Another is global document communicationsbetween different users located in diverse geographical locations.

It can be readily appreciated that with this configuration, thenetworked scanner can be shared by many users similar to a networkedprinter. While the networked printer needs no GUI because the users sendfiles to the printer from their desktops (i.e., the GUI for managingprinter operations is located at the desktop), the networked scannerdoes need a user interface because the direction of travel is from theperipheral back to the individual user's computer file systems (computeraccounts). In some SOHO applications, the networked scanner can be madesimpler and the client software can actually run on the single computerto which it is attached. However, a networked scanner with a GUI canalso be useful in a single-computer SOHO environment as well, as willbecome apparent from the discussion below. Also, in certain embodiments,a smart card reader is desirable, and this may or may not be availableon the PC. Hence, in all embodiments, the GUI discussed herein isdesirable, although at least certain functions may be controlled from anattached or networked PC, as discussed below.

Next, consider a global communications application more akin to a faxfunction than the shared scanner function described above. In such anapplication, user A wishes to send a document to user B. There areseveral ways this can be done, but first consider an email embodiment.In this scenario, user A walks up to the networked scanner, entershis/her user name and password or inserts his/her smart card (userauthentication is an optional feature that can be implemented with orwithout smart cards), and launches a communications application such asa scan-to-email client or a scan-to-folder client.

In the case where a scan-to-email client is used, the client applicationnow connects to a remote email server just like a normal email clientthat runs on a PC. For example, the email server used by user A may beHotmail.com™. The user then accesses his/her address book or types inthe user B's email address. Now, user A inserts the document into thepaper feeder, the pages are scanned, an image file is created, and theimage file is then sent via email as an attachment to user B's emailaccount. In some embodiments, user A can type an email message to besent along with the attachment in the body of the email message.Otherwise, a standard HTML page may be sent, or any other fixed oruser-selected message may be sent along with the attachment. In general,any upload technology may be equivalently used whereby the user Auploads the document to a server and the recipient (user B) laterdownloads the document from the server to his/her local computer or fileserver.

In the case where a scan-to-folder client is used, the clientapplication may alternatively connect directly to a recipient'scomputer, file server, or Internet Appliance via a transport sessionusing for example, a VPN, an SSL session, or a SIP session, and/orH.323-like set of channels, possibly in combination with a remote PC/LANaccess application like the modified version of GoToMyPC™ describedbelow. Now, user A inserts the document into the paper feeder, the pagesare scanned, an image file is created, and the image file is then sentvia a direct session pipe or direct session link to a computer resourceor storage file associated with user B. In some embodiments, the usercan type in a message to augment the directly transmitted document,basically attaching a text message to the file to be transferred, areverse of the concept of an email attachment, but similar. In general,any transport technology may be equivalently used whereby the user Acauses a packet transport pipe to be coupled directly to a computerizedresource controlled by the recipient (e.g., user B). As discussed inconnection with the method 200, user B and/or user B's computer systempreferably sends a confirmation of receipt back to user A.

In the context discussed above, the document call looks much like a SIPcall or an H.323 call whereby at least one media type used in the callcorresponds to a data media type. In this application, the data mediatype corresponds to a file such as an image file, preferably one thathas been compressed and to which user authentication information such asa digital signature has been embedded. As such, native Internet typeprotocols are used to provide an enhanced fax-like service that neverneed to traverse the telephone network nor be converted to analog faxsignals like G3 fax signals. Notably, the above-described networkscanner allows high quality image files to be sent anywhere in the worldvia email (scan-to-email) or via direct transport pipes(scan-to-folder). Never is the document converted to a fax and sent overthe telephone lines. Never is image quality reduced by converting thedocument to a G3 fax protocol, nor are any telephone toll chargesincurred. No fax boards are needed at a fax-to-email server. In thistype of embodiment, all that is needed is a standard email account andan email client that is accessible via the GUI provided by the networkedscanner apparatus.

As previously discussed, scan-to-folder technology can be used in acorporate network environment, and/or FTP or any other file transfer orcommunications protocols may be used to send scanned documents directlyfrom the network scanner to a directory in a file system controlled by atarget recipient. Just like email clients, inventive messaging clientswith message mailbox style GUIs can be used to allow users to look atinboxes associated with incoming file transfers and outboxes oftransmitted files. In accordance with the scan-to-folder aspect of thepresent invention, a messaging mailbox interface is provided, anddocuments can be pushed directly to a recipient's computer or to a fileserver. When a user receives a pushed document, the user sees a mailboxstyle interface and can access and manage the messages that have beenpushed into his/her inbox. The above-described strong userauthentication, document transmission integrity, and confirmation ofreceipt features of the system of the preferred embodiment of thepresent invention make this system much more secure than presentlyavailable fax technology or presently available scan-to-emailtechnology, e.g., for executing legal documents. The novel transportmechanisms of the present invention, especially scan-to-folder, arecheaper to use than telephone fax transmissions (to includeemail-to-fax) and do not require the recipient to wait for long filedownloads and to hang up an email client while a file uploads at thesending side.

In alternate embodiments, some of the features described herein can beimplemented on the network scanner and other features implemented on anetworked PC. For example, if the GUI and/or smart card interface isprovided, a particular user can enter his/her user name and password orstrong authentication data and a PIN, and this could allow the scannerto be associated with a particular user. In this type of embodiment, thedocument is scanned, and is placed into a selected directory belongingto the particular user, and the particular user can then launch aspecialized client such as a scanner-to-email and/or scanner-to-folderapplication program from his/her PC.

The present invention allows a user of the network scanner to identifyhimself/herself, and to have the network scanner then possibly acceptfurther commands from the user, and route the document to a particularlocation in internal scanner memory (e.g., implemented as disk or RAMstorage) or to any file server on a local or remote network (such as afile in a networked directory structure). With this capability, otherinventive protocols and functions disclosed herein may be implemented ina remote PC. So long as the network scanner associates the scanneddocument with a user account, the user can perform further processing onthe scanned document from a remote location.

To enable such mixed or hybrid embodiments in which some of the clientsoftware resides on a networked PC and other client software resides onthe network scanner, the required functions are distributed amongst thesoftware components accordingly. The network scanner preferably has atleast a user interface to identify a user who is inputting a documentfor scanning. In a preferred embodiment, the user enters a user name andpassword, a smart card and a PIN, or an equivalent thereof oralternative thereto, such as a wireless PDA and a PIN. Once the networkscanner knows the identity of the user, a scanned document can beassociated with that user, and any function executed from that timeforward can be performed using a client that resides either on thenetwork scanner or the networked PC. For example, after scanning adocument, the scanner can store it and associate it with the user, andthe user can go back to his/her PC to access the scanned document acrossthe network and move it into his/her file directory and/or send it to aremote location using any of the methods described herein.

In some embodiments, the user can, once back at his/her PC, insert asmart card into his/her PC, and/or apply an input to a biometric sensorand implement any of the security algorithms discussed herein. Likewise,the scan-to-folder software could run on the user's PC in somealternative embodiments. The scan-to-folder clients are preferablyavailable both from the network scanner GUI 150 and also at the PC orworkstation operated by the user. Typically, a user will maintainhis/her inboxes and outboxes from his/her PC. Thus, having versions ofthe scan-to-email and the scan-to-folder clients located both on theclient PC and the network scanner 100 is preferred. However, as long asthe user can identify himself/herself to the network scanner so thenetwork scanner can associate the scanned document with one of aplurality of possible users who share the networked scanner, the othersoftware components of the invention may be located on the networkscanner and/or on a computer resource coupled to the network scanner viaa LAN, VPN, or other network connection. Similarly, the filetransmission and handshake protocols discussed herein may also beimplemented using a networked computer resource.

To improve security over the light form of security provided by currentfax technology and to improve the way business and legal transactionsare performed, another aspect of the invention involves improvedsender-authentication security. In a variation of the method 200, a userwalks up to the network scanner with a signed contract in hand. The userthen enters his/her smart card into the network scanner in step 205. Asmart card reader in the network scanner communicates with the smartcard and asks for the user to enter a PIN, much like an ATM card. Thenetwork scanner then accepts the user's PIN, also in step 205, and ifcorrect, grants secure access to the user in addition to performing thestep 210. As discussed previously, user preferences may be loaded fromlocal storage of the network scanner based on a user account, from anetwork server resident user account database, or from the smart cardinserted into the network scanner to provide a customized GUI. Once theuser has been identified, the user causes a scan-to-email orscan-to-folder client to be launched (or it is launched and logged intoautomatically based on a user preference setting), and/or a direct filetransfer unified messaging client is launched similar to the onediscussed in FIGS. 3-4.

Using the appropriate client, the user then selects a recipient fromhis/her address book or enters the email address manually. In thisexample, the user then selects strong authentication and also selectsstrong encryption. In one embodiment, application software 145preferably resident in the network scanner then causes a digitalsignature and a public key to be read from the inserted smart card bythe smart card reader to be applied to a scanned image file (generatedin step 220). Alternatively, the scanned image file is sent to the smartcard and an encryption/authentication application on the smart cardapplies an appropriate set of cipher algorithms (step 225) to be appliedto the document. In this manner, the smart card does not need to revealthe user's private key to the network scanner which is in general lesssecure (susceptible to software hacking) than the smart card itself. Thebasic idea of streaming a document through a smart card so that adigital signature may be embedded therein may also be executed on a PCwith a smart card reader and applied to any file type prior totransmission of the file to another user via email or a document calltype as described herein.

Hence, in a preferred embodiment, the scanned image file is streamed tothe smart card which applies the cipher(s) to authenticate and/orencrypt the image file. The image file is then streamed back to thenetwork scanner. Once the image file is received, it can be sent via anemail server, a remote control access server, or via any type of directpoint-to-point file transfer protocol (including document calls asdescribed herein) to any other local or remote computer, file server, ornetworked printer as discussed below. With this type of system, thereceived image document may be positively identified as being sent bythe same person who signed the document. Simple fax type forgeries arenot possible. The user who signed the document must be physicallylocated at the network scanner in order to send the digitally signeddocument. In an aspect of the invention, a bar code or digital watermarkis preferably added by the smart card to be printed, e.g., in a headerand/or a footer on each page of the received document.

Also, in the electronic version of the document, a digital signature ispreferably applied to the data so the entire contents of the documentcan be digitally authenticated. This way, each page of the document ispositively signed by the signatory, and there is no way pages can bechanged out. For example, with current fax technology and even standardcopier technology, a fifty page contract is typically signed only on thelast page. It is cumbersome for each party to initial each and everypage, so this is not typically done. But when a signatory enters his/hersmart card and authentication data in the network scanner, it is trivialto add a digital signature watermark to each and every page and toauthenticate each and every bit of the electronic document with adigital signature. It will be appreciated that many other types ofdocument authentication, encryption, and security schemes can beutilized without departing from the spirit and scope of the presentinvention. Preferably, whatever scheme is selected ensures that eachpage of the scanned document can be verified by the recipient to havebeen created (scanned) and/or transmitted by the person who isidentified to the recipient as having done so (e.g., the signatory tothe document).

Another embodiment of the network scanner 100 and the method 200 areprovided for use in public places or to allow a first user to borrow andcustomize/personalize a device owned by a third party. Reference can bemade to the disclosure of the parent application incorporated herein byreference for background and further options of the embodiment discussedin this and the next paragraph. For example, a user is in an airport orat a hotel and has recently executed a contract while visiting a client.The user walks up to a public network scanner device and inserts his/hersmart card. In any of the embodiments described herein, a user's PDA orother wireless device that contains the same type of information that ison the smart card but uses a wireless interface instead of a physicalsmart card interface may take the place of the smart card. For ease ofdescription, suppose the user is using a smart card and inserts thesmart card into the network scanner. After any additional userauthentication such as a user PIN is provided, the network scannerpresents a GUI screen that indicates the user has access to the publicnetwork scanner. An application on the smart card (or wireless device)then interacts with the scanner and provides either credit cardinformation, debit card information, or a form of digital cash. Then anapplication on the smart card provides user settings and preferencesinformation to the public network scanner.

After having received the smart card in the public network scanner, thepublic network scanner can take on a personality of the user. That is,user customized data relating to a user's email account, scan-to-folderaccount, address books, and other information may be seamlessly accessedwithout the user needing to log into multiple servers. Now the user canplace his/her document into the feeder tray and use the GUI-suppliedaddress book to send the document, with or without a digital signature,to an intended recipient, using either an email server, an FTP server,or by means of a direct session transfer, to a recipient's computer(destination).

In the parent application, an alternative embodiment is disclosedwherein the user preferences and settings are supplied by a remotenetwork server. The user enters a username and password, and the remotenetwork server then supplies the same services as the smart card. Thisallows systems to be implemented in which the user need not carry asmart card, but can nevertheless receive similar benefits and services.These types of embodiments may also be used with the network scanner ofthe present invention. In embodiments of the present invention in whichthe method 200 is practiced in public environments, a final step ispreferably added to the method 200 whereby the smart card is charged viaa user subscriber account, credit account, a debit account, or viadigital cash certificates to pay for the use of the publicly availablescanner.

In an aspect of the present invention, the scan-to-folder client issimilar to an email client or a unified messaging client. In the unifiedmessaging embodiment, the scan-to-folder inboxes and outboxes can beintegrated with an email client. That is, a single unified messagingclient can be used to view incoming and outgoing emails as well asincoming and outgoing scan-to-file documents.

Referring now to FIG. 3, a unified messaging client application 300 isillustrated in block diagram form. The application 300 includes aunified messaging mailbox GUI 305 that can be used to manage one or moremessage types such as email messages (possibly having attachments) andscan-to-folder type messages used for direct point-to-point documenttransfer. It is noted that the unified messaging client of the presentinvention may only support, for example, document calls, but also maypreferably support email, document mail server access, VoIP and videomessaging data types in different embodiments.

In an exemplary embodiment of such a client, an email services component310 and a background transport services component 315 are bothaccessible via the unified messaging mailbox GUI 305. The email servicescomponent 310 is coupled via a protocol stack 320 to an email server andimplements client-side email functions as are known in the art. Thebackground transport services component 315 is also coupled to theprotocol stack 320 and manages remote file transfers in a point-to-pointfashion with remote computers to send and receive files using a protocollike FTP, SIP, and/or via a remote control server application such as aGoToMyPC™ server-side program that has been modified in accordance withthe present invention as discussed above to communicate with computersystems belonging to other users or entities.

In a preferred embodiment, the background transport services component315 includes a background process forking mechanism. That is, when auser wishes to send a document, a process is forked in the background.This way, a user's mailbox is freed up so the user can access email andperform other messaging tasks instead of having to wait for a file toupload or download. Preferably, the GUI allows the user to control theamount of bandwidth that the background transport services can use.Preferably, the bandwidth control can also be applied to email uploadsand downloads and a preferred embodiment of the client allows backgroundtasks to be forked for email uploads and downloads as well. The optionalbandwidth control component 330 is desirable because it allows documentsto be uploaded, downloaded, and to be sent to and received from remotecomputers without tying up all the bandwidth resources and causing auser to have to sit and wait while a file uploads, downloads, or istransmitted or received from a remote computer.

Also, it is noted by the present inventors that often VoIP quality isseriously impaired as a file is being downloaded from a sharedconnection. In order to enable a user to exercise some control over thequality of a VoIP telephone call while uploading or downloading files orotherwise communicating over a shared connection, in accordance with analternative embodiment of the present invention, the user, via thebandwidth control component 330 (e.g., accessed via the GUI 150), canselectively vary the bandwidth allocated to one or more types ofcommunication. For example, when document transmission speed and/ordocument quality (e.g., image resolution) is more important to the userthan is voice quality, the user could increase the bandwidth allocatedfor the document transmission communication, and, conversely, if voicequality is more important to the user than is document transmissionspeed and/or document quality, then the user could increase thebandwidth allocated for the VoIP telephony communication.

Further, the bandwidth control component 330 may be implemented as ahardware or software component in a VoIP device. When the VoIP devicerecognizes that a broadband connection is being used for large filetransfers and there is bandwidth contention, the VoIP device preferablycauses the bandwidth control component 330 implemented therein, orcommunicates with the bandwidth control component 330, to cause theupload, the download, or the point-to-point file transfer through thetransport pipe 315 to be throttled back to maintain a specified voicequality. While giving voice packets priority over data and/or videopackets is known in the art of network routers, no presently availabletechnology enables a user (e.g., in a SOHO environment) to control thebandwidth of file transfers to maintain a desired VoIP quality.Currently, the VoIP quality becomes unintelligible during a filetransfer, and the user is not provided with any mechanism to preventthis from happening and/or to regulate the amount of bandwidth allocatedto the VoIP call. As mentioned earlier, the VoIP functionality may bebuilt into the network scanner, or the network scanner can act as a WiFigateway or cordless base station for a cordless handset or a wirelessVoIP phone. In such cases, and in embodiments where external VoIP accessis provided in the same local area network, bandwidth controls of thepresent invention may be applied to optimize the sharing of thebroadband connection used to carry the various media types (fileupload/download, VoIP calls, and document calls and media types).

In accordance with an aspect of the present invention, a user can usethe unified messaging GUI to indicate whether the file transfer shouldthrottle back to maintain voice quality or whether it should haveprecedence. For example, if the user is talking over the VoIP phone, andthe person on the other end sends a file that is to be discussed, itmight make better sense to wait and allow the file to come in, and thendiscuss it. In other cases, the user may want to talk and performcertain functions at the same time, like download a file from adifferent user. In such cases, the VoIP quality would be givenprecedence. In the present invention, it is also preferable to allow theuser to either set a fixed bandwidth allocation preference or to havethe ability to throttle back scan-to-folder type messages coming in thebackground and give preference to other channels such a VoIP connectionand/or a file download connection.

Referring now to FIG. 4, an embodiment of transport services component400 is discussed. The transport services component 400 may be used as abackground process and forked by the background transport servicescomponent 315. In a preferred embodiment, the transport servicescomponent 400 is accessible and controllable via the unified messagemailbox GUI 305 and the bandwidth controls discussed above may be set bythe user to manage local broadband bandwidth so the transport servicescomponent 400 can operate alongside email upload/download applicationsand VoIP services. Similarly, the transport bandwidth (input and/oroutput) of the transport services component 400 may preferably bethrottled automatically by a desktop gateway configured to maintain aquality of service (QoS), e.g., in accordance with adjustable userpreferences/settings.

The transport services component 400 includes a file transport servicecomponent 405 that manages file transfers and network connections. Anoptional SIP component can be coupled to the transport service component405. The SIP component may implement the SIP (session initiationprotocol) or any other protocol used to set up sessions between remotecomputers (e.g., SSL, VPN, etc.). In some embodiments, the SIP componentcommunicates with a network side SIP server or a mobile IP server, forexample. The network side SIP server or mobile IP server can convert astandard application layer address to a network address like an Internetaddress where a user or service identified by an address such as a SIPaddress or a mobile IP address can be located on a network like theInternet. As discussed previously, a connection server, possibly withSIP capabilities or H.323 call setup capabilities may be used to set upcalls using a document or file transfer media type.

Also coupled to the transport service component 405 is an optionalremote control client (RCC) component 415. The RCC component 415 may beused to gain access to a remote computer, much like a telnet service ora GoToMyPC™ service. The RCC component 415 often communicates with aserver side entity that allows a remote computer system or LAN to beaccessed remotely. In some cases, VPN (virtual private networktechnology) is used to provide the access. The RCC client 415 is used toallow the host computer or scanner on which the transport servicescomponent 400 resides to communicate directly with a file system orother computer resources located at a remote location such as acorporate LAN, a corporate intranet, or an internal home network or“always on” PC, coupled to the Internet via a broadband connection likea cable modem or DSL connection. The RCC component may be used to causedocuments, files and folders to be moved to another user's computer orto remotely access documents transferred to a machine controlled by theuser himself/herself.

A file transfer component 420 is used to implement a file transferprotocol such as FTP or any other network file transfer protocol. It isthe job of the SIP server and/or the RCC component 415 to locate andgain access to a remote storage system located on a remote targetcomputer belonging to a recipient of a scan-to-folder or other type offile transfer. The file transfer component performs a file transfer topush the file directly to the remote computer file system. A peerprotocol entity resident in the recipient's computerized devicegenerally is used to interact with the file transfer component 420.Preferably, the file transfer component 420 is responsive to auser-controlled bandwidth regulation input so that the file transfer canoperate in the background while other services like emailupload/download and/or VoIP telephony occur in the foreground.Alternatively, the file transfer component 420 could be given a highpriority and allowed to consume a larger amount of bandwidth when a fastdocument transfer is desired.

Also connected to the file transport service 420 is an optionalverification component 425. The verification component is operative toreceive verifications from remote computers verifying that thetransferred file has been received by the computer system and/or openedby the specific recipient. The verification component 425 also isoperative to provide verifications when files are received from remotecomputers. In this type of embodiment, the file transfer component isused to receive a document, and once the document is received, theverification component 425 either performs a file verificationoperation, a page count verification, a checksum verification, and/or acryptographic hash function verification. The result of the verificationis sent back to the sender. Similarly, the verification component cansend a message when the file is opened by the recipient user. That is,the system 400 includes both transmission and reception side protocolentities and can be used to both transmit and receive document calls asdiscussed herein. Similarly, the optional remote control portion can beused to allow a user to store documents in other user's computers and/orcan be used to remotely access documents pushed by other users into theuser's computer.

All of the components 410, 415, 420, and 425 communicate with a protocolstack 430 in order to communicate via a network such as a LAN, intranet,or the Internet with external computers and computer resources like fileservers. Various types of embodiments are envisioned, and anysub-combination of the components 410, 415, 420, and 425 may be includedin a particular embodiment.

The transport services component 400 may be used to both transmit andreceive documents. It should be noted that the transport servicescomponent 400 may be used to transmit and receive other types ofinformation like entire CD-ROMs that carry multimedia information, orwhich carry directory structures. For example, the file transfermechanisms of the file transport service can be used to move eitherfiles or entire folders. The user can preferably drag and drop any fileor folder into an output GUI area and have the file or foldertransported to the remote computer using this feature of the presentinvention. That is, for example, the SIP component could set up a call,and the call could be used to send an entire CD-ROM, including itshierarchical directory structure, to a recipient's computer or appliancethat is adapted to receive document type calls. This service is similarto an FTP service, and once it is integrated into a unified messagingenvironment in accordance with the present invention, it opens up new,much more convenient, secure, and efficient means of global documenttransfer than is possible with any presently available technology. Therecipient computer could use filters and access controls to ensure it isnot bombarded with large amounts of questionable, undesirable, orpotentially harmful data.

The various above-described methods of the present invention can beexecuted in a client side computer. The method could provide amailbox-style GUI having inboxes and outboxes. The method could alsoprovide one or more types of data communications services, such as anemail messaging service and/or a direct file transfer service. Themethod can provide a bandwidth control input that allows a user tothrottle the amount of bandwidth used in at least one of a file uploadto an email server, a file download from an email server, a directpoint-to-point file transfer to a remote computer, and a directpoint-to-point file transfer from a remote computer. For cases wheresource-to-target file transfers are to be used, the method can alsoprovide a mechanism for receiving an input from a user indicative of astatic application layer address and interacting with a network serverto obtain a dynamic Internet address associated with the staticapplication layer address. The dynamic Internet address can be a mobileIP address or an Internet address that can change, e.g., when a usermoves, when power is cut from a cable modem service for a period oftime, when a DHCP controller assigns a new IP address to a user, or whenthe IP address changes for any other reason. The method preferably alsoprovides a mechanism for forking a background process, and in thebackground, causing a file to be transferred via a packet switched datanetwork to the target computer in accordance with the bandwidth controlinput. The method optionally provides a mechanism for receiving averification token back from the target computer indicating that thedocument has been received by the target computer. Finally, the methodcan provide a mechanism for indicating in an outbox entry of the unifiedmessaging GUI that the file was successfully received at the targetcomputer in response to receipt of the verification token.

The system 300/400 of the present invention may be implemented, in someembodiments, on a computer attached to the scanner rather than in thescanner itself. For example, if the scanner is attached to a PC, and thePC is attached to a network (e.g., a cable modem connection to theInternet), then PC-resident software can perform many of the same basicfunctions as described by the networked scanner provided it is equippedwith scanner-to-email and/or scanner-to-FTP and/or scanner-to-DSSsoftware, etc. It is noted that with presently available technologies,the scanner is typically directly cabled (or wirelessly via Bluetooth)to a single PC. However, the present invention allows the networkedscanner to operate with multiple PCs, e.g., attached to the same LAN orVPN. Also, the optional smart card interface on the networked scannerprovides very strong verification that a signatory to a document is thetrue signatory of the document. Alternatively, smart card readers and/orbiometric scanners can be built directly into a PC, so that the scanneddocument or other types of files or directory sub-trees could be sentusing the same basic protocols from networked PCs once the networkscanner has scanned the document and made it available to a user via thenetwork connection 125.

As discussed above, point-to-point file transfers often involve networkserver technology in different ways. For example, a user can use anetwork server such as an ASP (application service provider) to storehis/her files and can enter a user name and password to access his/herfile system. In some cases, the application service provider alsosupplies a set of application programs the user can access remotely. Inaccordance with the parent patent application, a user can enter a smartcard into a machine in order to gain access to the user's personal filesystem.

To illustrate a method that can be used with the present invention,suppose user B maintains a server-side file system. For example, theserver-side file system can be a file system on a corporate LAN fileserver, or may be an account, for example on an email server or any typeof server that maintains disk space on behalf of a client. Consider anexample where an application program on the networked scanner acts as anFTP client. If user A wants to send user B a document, user A can enteran FTP address associated with the server account maintained by user B.This FTP address can be selected from an address book or entered via theGUI 150 or the client 300 much like an email address can be enteredusing email client software. Now, instead of sending the document touser B via email, the document can be sent or uploaded directly to afile folder in user B's server-side file system account.

The various above-described methods of the present invention can also beexecuted in the network scanner 100. In one network scanner method, aset of authentication data is accepted to identify a particular user whois using the network scanner. A mailbox style GUI is presented includingat least one inbox and at least one outbox. At least a direct filetransfer service is provided for use with the inbox and the outbox. Aninput is received from a user indicative of a static application layeraddress. One or more sheets of paper are then scanned to create an imagefile. A connection is made via a path through the global Internet to aremote computer associated with the static application layer address anda file transfer session is thereby established with the remote computer.Finally, the image file is transmitted to the remote computer via thefile transfer session. In some embodiments, the static application layeraddress is converted by an external server to a dynamic IP address. Inother cases, the static address may be similar to a URL or a URI, and noSIP-type address translation or mobile-IP database lookup is needed.With any of the methods described herein, the static application layeraddress can be a fixed URL, URI, SIP address or a generalized multimediacall enabled email address that is published like a present day faxnumber and is constantly available to receive files such asscan-to-folder file transfers.

In accordance with an aspect of the present invention, a special FTPclient is employed that behaves similar to an email client. When user Blogs into his/her server-side ASP, he/she is notified of new documentsin his/her in-box. Much like a unified messaging system, user B can lookat his/her inbox and locate any files that have been uploaded directlyinto his/her inbox folder that are accessible for writing from externalnetworked devices. User B can optionally limit access to his/herdocument in-box using an access control list, or any form of spamfilter. Also, user B could set a filter to allow documents to bereceived from user A, but could further require they behard-authenticated with a digital signature before they are accepted.

It is recognized by the present inventors that many corporations andSOHO environments use broadband connections. For example, in a SOHOenvironment, a user may use a cable modem connected to a WiFi router toprovide service to a number of computers and networked peripherals. Inan aspect of the present invention, a service such as the J2 GlobalCommunications “GoToMyPC^(TM)” is used to access SOHO local areanetworks and computers. Such services allow users to access their homecomputer remotely from any location in the world via an Internetconnection. In an aspect of the present invention, the scanner hasinstalled therein a client side software application that acts as aclient to an expanded inventive GoToMyPC™ type service used foruser-to-user communications. The expanded service allows a first user toremotely access documents received via the scan-to-folder protocol andalso allows the first user to write documents (including other types offiles or directory system hierarchies) into a shared folder in a seconduser's computer.

Referring now to FIG. 5, a novel service termed herein a “direct sessionservice” (DSS) is introduced. A DSS Server 500 includes a protocol stack505 to interface with remote computer systems. The DSS server preferablyincludes or is coupled via an external network connection to a SIPdatabase (not shown). The SIP database is used, for example, to mapstatic application layer addresses similar to email addresses toInternet Protocol (IP) addresses or higher layer port or sessionaddresses where a computer or computer resource or process can be foundon a packet switched communication network such as the Internet. Aconnection server 530 is used to accept requests from remote computersand to control the various components of the DSS server to initiateconnections to target computers, e.g., mobile computers or homecomputers whose IP address structure may change due to IP addressreallocations or for other reasons. The DSS server can preferably beused to set up “document calls” using the SIP, H.323, SSL, or VPNprotocols, or any other protocol that can be used to set uppoint-to-point connections across the Internet.

To support the concept of document calls, legacy fax-to-email serverscan be replaced by a document call setup server in accordance withvarious server embodiments as represented by FIG. 5. Such serverspreferably provide document buffering capabilities and remote accessfeatures and services for use when a recipient cannot receive a documentcall. This is much like a voice mail feature provided by current VoIPserver technology. If a user is able to receive a document call, thedocument call server sets up a connection and the document istransported to the recipient using a document call. If, on the otherhand, no user-controlled device is able to receive a document call, thenthe server sends the document to the equivalent of voice mail. Forexample, the document call setup server can store the document for asubscriber of the document calling service. The server can then send anemail notification and/or a wireless notification message to the user'scell phone indicating that a document message has been received. Thebuffered document can be pushed to the user via email, a wirelessmultimedia messaging service (MMS), and/or can be stored by the serverso that the user can log in via a web browser and download the receivedand stored document, using, for example, a multimedia messaging clientin accordance with other aspects of the present invention. For furtherdetails of server embodiments see the discussion of FIG. 5.

In accordance with an exemplary embodiment of another aspect of thepresent invention, a server can implement a feature herein dubbed“document mail” as follows. A server first receives via the globalInternet a request to set up a point-to-point document call from anoriginating network scanner device or client PC or handheld device. Thedocument call is intended to be set up to a destination device that canbelong to an organization or can be associated with a particular user.The request comprises an application layer address associated with anintended destination for the document call. Depending on the embodiment,the destination may correspond to a fixed destination computerizedsystem, or may correspond to a follow-me type address associated with anindividual user or an individual user's mobile IP device. The servernext performs a database search to determine whether the destinationdevice (or a device in use by the individual user) is presentlyconnected to the global Internet. If the user or the destination deviceis connected to the Internet, the server looks up an Internet addressassociated with the destination device and couples it back to theoriginating device. This, possibly together with other protocol levelhandshaking, is used to provide the originating node with a destinationaddress it can use to send a scanned document or other type of filethrough a “document call” (packet switched point-to-point transportpath) to the destination device. If the database search is unsuccessful,the server preferably sends a message to the originating device toindicate the destination device could not be reached. In such cases, theserver can also send back an indication to complete the document call tothe server so that the server can store the document in “document mail,”i.e., a designated buffer area from which the document can later bepushed to the destination user or from which the destination user canlog in and download the document, for example, using a web browser.

In the type of embodiment described above, the server may optionally beconfigured to send back an Internet address corresponding to a serverport adapted to receive document calls in a document mail system.Moreover, the document server can implement the receiver side of themethod 200 and send back a receipt token to the document callorigination device. When the user finally receives the document mailmessage with the document, a second token may preferably be sent fromeither the server or the recipient to the document call originatingdevice in order to confirm that the user finally received the document.If the originating device is not connected to the Internet at the timethe receipt token is generated, the server is preferably configured toattempt to determine when the originating device is again available andto push the receipt token to the originating device when the originatingdevice is again connected to the Internet. In such embodiments, theserver also may need to store a receipt token sent back from thedestination in the buffer area until the originating device isavailable. In this case the document mail system functions similarly butin the reverse direction from the destination back to the originationpoint. If the origination point is not a subscriber to the server, thetoken may be sent via email and an email plug-in at the originating nodemay be used to log the receipt token in an outgoing document call log.

The DSS server 500 also includes or is coupled to a remote controlserver (RCS server) that communicates with a remote client and also witha target computer so that the remote client can, depending on theembodiment, store and/or retrieve documents to/from the target computer,much like a VPN access connection or a GoToMyPC™ type system. Alsoincluded is a storage area 520 used to buffer file transfers. This isused primarily for cases where the target computer cannot be reached,e.g., due to the computer being shut off, a power failure, or atemporary network connection dropout. The optional storage area is usedto buffer received documents for such cases. The connection server 530preferably periodically checks to see if the target computer is backonline or receives a report from the target computer when the targetcomputer is back online. The server 500 may be optionally configured topush the received document to the target computer once the connectionserver 530 is able to complete the connection to the target computer.Email and/or wireless multimedia messaging type notifications and userlogon to a user mailbox for document access and downloading may also besupported. At the time the file is received at the target computer, amessage is sent from the target computer back to the sending computer toconfirm receipt. Email notification may also be used for this purpose.

The DSS server 500 is preferably implemented similar to the GoToMyPC™server. However, instead of or in addition to going to the user's PC fordocument retrieval and access, the DSS server connects user A into userB's computer. In this manner, when user A scans the document, thedocument can be sent directly to user B's computer. An input folder ispreferably provided to accept input documents from external users, andunified messaging type client software is preferably used to notify userB that the document was placed in his/her inbox. Alternatively, thedocument can be sent straight to a networked printer inside user B'sinternal network. A skilled artisan familiar with the implementation ofthe GoToMyPC™ service can readily appreciate that the same technologycan be used to send documents to other subscribers' computers instead ofallowing a particular user to access only his/her own PC. Theapplication software on user B's computer preferably provides accesscontrol to only allow documents to be written in a particular inboxdirectory, and to limit access to authorized users on an authorizedaccess list (e.g., designated users who are properly authenticated), aswell as also preferably performing virus scanning and/or other harmfulor malicious file detection functions to minimize the risk of harmfulfiles infiltrating user B's computer due to files transferred from userA or other third parties via the DSS server.

As can be seen from the above, there are several ways scanned documentsor other files or folders can be sent directly to users without usingtelephone lines at all, i.e., as email attachments, via direct FTP typeconnections to server side messaging accounts that can accept uploadsfrom other users, uploads to a user's network side ASP-supplied filesystem via FTP (or other file transfer protocol), or can be sentdirectly to a user's computer via Internet transfer using a redirectionand session initiation service like the user-to-user version DSS servicedescribed above. Various remote control-PC access systems can similarlybe converted to data communication systems embodying various aspects ofthe present invention by allowing this type of software to bewrite-restricted to allow user A to write into user B's computer systemor to a storage device located on a private LAN controlled by user B.

A SIP database 510 is used to set up a session pipe between endpointcomputers. SIP services may involve mobile users as well. For example, amobile user may connect a laptop in Texas, get on a plane and later plugin his/her laptop in Florida. A SIP server can be used to translate astatic application layer address like eric@aol.com to a physicalInternet address assigned by a DHCP or a mobile IP server for example.Using this technology, the network scanner can behave similar to a fax.A user can send a file directly to a destination computer, and directlyto mobile and even wireless devices, e.g., using a mobile IP addressingscheme. This allows the present invention to provide directpoint-to-point document transfer services like current fax technology.The recipient can be located anywhere and a single email address oremail-type address can be used to locate the user, with the help of theSIP server, anywhere in the world. With broadband connections, manycomputers have an “always on” connection, and would thus be able toreceive documents around the clock. To implement this functionality, theSIP server is used to set up a call between endpoints, and peer protocolentities such as the client software 400 in the endpoints are used toimplement document call protocols as discussed herein.

Also optionally included in the server system 500 is a userauthentication database 535. The user authentication database 535 isused to hold smart card information like user public and private keypairs and certified or trusted certificates so that users without smartcards can enter a user name and password and have the cryptographicalgorithms that preferably execute on the smart card execute on theserver instead. Alternatively, the cryptographic keys used for digitalsignatures can be sent via an encrypted path to a client side networkscanner or PC so the digital encryption algorithms involving the userkeys used to digitally sign the document are applied at the client sidenetwork scanner or PC. In some embodiments, the user authenticationrecords may be used to augment the capabilities of users with smartcards, for example to update keys and to thereby seamlessly keepsecurity data such as key from becoming old and out of date.

Also optionally supplied on the server system 500 is a server-sidetransmission log 540. The server side transmission log is supplied toallow a third party such as the server 500 keep track of all documenttransmissions sent and/or received at a given subscriber endpoint. Thisallows a subscriber to have a third party legal record log of alldocument transmissions and receptions so that a user can prove whether adocument was sent or received (and by whom, including sender/receiverauthentication data) should the need ever come up to resolve a disputeor misunderstanding and/or to adduce evidence for use in judicial,administrative, or regulatory proceeding.

Also optionally supplied on the server 500 is a transmission archive545. The transmission archive is a storage service offered by the server500 to keep track of some or all of the documents transmitted to and/orreceived at a given subscriber endpoint. The archive service allowssubscribers to keep third party records of all document transfers,again, mainly for legal reasons, and future dispute settlement, but alsofor ease of record keeping and for secure archival purposes. Asubscriber would have online access to the transmission log and would beable to obtain third party verification of any transmitted or receiveddocuments. In some cases, a subscriber may wish to mark certaindocuments for archive at transmission time or at some time after theyare received. In such cases, the GUI in the client software 300 ispreferably equipped with a way to mark documents to be transmitted forserver-side archival. Also, the client-side GUI 305 also allows messagesin the inbox to be marked for server-side archival. In such case, once adocument is marked, it is sent to the server 500 for archival. Ifdigital signatures are used, the document's digital signature and themessage log entry can be maintained at the archive to maintain therecord. In other cases all transmissions to/from an endpoint arearchived. Documents received at the subscriber endpoint can beautomatically uploaded to the server for archive, or a multicastprotocol can be used to ensure the server and the endpoint both receivethe same file.

When digital signatures are used, especially in combination withembedded time stamps, both the time of scanning and/or transmission timecan be encoded into the document itself. Likewise, the identity of thescanning station, such as a scanner serial number, a fixed MAC address,or an application layer sending SIP address or other type of fixednetwork address corresponding to the sending station can be added to thedocument and the digital signature applied to the document containingthe transmission stamp. Likewise, the sending station can digitally signa document that has a time stamp included and both the sender's andrecipient's network addresses appended. Also, the archive can store acopy of the return receipt so that the document is stored as is areceipt report that may include a cryptographic hash verifying receiptat the subscriber endpoint. All of these techniques and anysub-combination thereof may be used for implementing third partyarchival services at the server.

Because of the use of digital signatures and hard authenticated data,undeniable and trusted transmission logs and document archives may alsobe maintained at the subscriber endpoint itself. To lower storagerequirements, instead of storing each transmitted and received document,only a document transmission log entry and a cryptographic hash of thedocument need be stored. In the future, using the transmission log entryand the cryptographic hash, a particular document can be positivelymatched to a corresponding transmission log entry without the need tostore the entire document in the transmission archive. This techniquecan also be used for document archival at the server. That is,transmission log entries including a reduced cryptographic hash of thefull documents are stored in the transmission log along with digitallysigned receipt token so the transmission can be matched to thetransmitted document in the future should the need arise to properlyverify transmission and receipt.

Many other types of Internet appliance endpoint devices can beimplemented to support the above and various other aspects of thepresent invention, new printers or other. For example, Internetappliances according to the present invention may be implemented withstorage and with an “always on” broadband Internet connection so thatthey could have the capability to accept incoming documents essentiallyat all times. A networked computer could be used to view any documentsthat were accepted by the enhanced printer or standalone Internetappliance configured to accept incoming documents around the clock. Suchan appliance could be integrated into the network scanner or could beused for document reception and possibly printing only. Alternatively,an email server or a messaging server could be used to eliminate theneed to have a device that has an “always on” broadband connection toreceive a document. These server systems could be implemented as emailservers or could replace current generation fax-to-email servers.

In many cases a user will need special access privileges in order to begranted access across a firewall to perform a direct file transfer. Forexample, home users and large corporations alike may use firewalltechnology and access control technology to protect their localcomputing environment. As such, the network scanner or the client system300/400 can use the smart card's hard authentication data and encryptiondata, together with the user entering his/her PIN, to create a VPN(virtual private network) connection to an access point of a privatenetwork. Once the user is authenticated, the user can enter a securedarea via a VPN tunnel and can then have access to a protected filesystem. The user then can use the Windows Explorer™ type GUI to select afolder or a resource like a network printer and send the documentthereto.

Note that the direct file transfer protocols can be useful because theyprovide additional privacy. However, direct session links and serverbased solutions can both be used. Because of the hard encryption offeredby the use of smart card technology, security becomes much less of anissue, and the user can select a server side method or a remote computeraccess method or a document call to achieve the same result. The usercan receive documents at a single application layer network address andcan retrieve and access the documents from anywhere in the world. Byintegrating all the authentication, encryption, and access controltechnology into a seamless GUI client interface coupled with smart cardtechnology, global document transfer and retrieval is greatly simplifiedand enhanced.

In another aspect of the invention, the scanner uses a combination of adirect file transfer protocol and email notification. In thisembodiment, the direct file transfer techniques discussed above areused, and an email notification is sent to notify the user that adocument has been inserted into his/her input file folder. Other typesof notifications like pager notifications or messages sent to 3G or 4Gwireless devices are contemplated.

Many of the client side software systems and methods described hereincan be used for other reasons besides the scanning of documents. Forexample, if a user wished to send an entire CD worth of data to includea hierarchical directory structure to another user, the same types ofuser interfaces could be used to send the information. As such, a CD-ROMor DVD reader may be optionally included in the network scanner, and anentire CD-ROM or DVD of information can be sent to a recipient using thesame user interfaces and protocols as described herein, or equivalentsthereof. Moreover, such interfaces can be incorporated into client PCsoftware to make PC-to-PC direct file transfers more convenient.

In some embodiments, the network scanner of the present invention may beconfigured to send a document as an email attachment or by means of apoint-to-point file transfer to an email-to-fax server. This may beneeded at times to interface with older fax machines. The GUI on thescanner preferably allows a user to enter text into a subject field,which could include a field for entry of a destination fax number. Whenthe scanned document is received at the email-to-fax server, theemail-to-fax server makes an outbound fax call to a legacy fax machine.While this embodiment is not preferred, it may be useful while thetechnology transition from legacy fax machines to the current technologyprogresses.

FIGS. 1-5 and the discussion thereof teach and illustrate a class ofmethods that can be implemented on client computers, network scanners,and network servers. To help better understand this class of methods,several explicit variations are illustrated in the paragraphs below.

A method for use in a network scanner involves accepting a set ofauthentication data to identify a particular user who is using thenetwork scanner and offering a mailbox style GUI including at least oneinbox and at least one outbox to the user. Also offered is at least adirect file transfer message type for use with the inbox and the outbox.The method receives a VPN logon address input from a user indicative ofa static application layer address. The method also involves interactingwith a remote VPN logon portal to obtain remote VPN access to one ormore resources located on a private network to include a particular filefolder associated with a recipient inbox. Next, the method establishes aVPN connection tunneled across the global Internet to a remote computerassociated with the static application layer address and creates a filetransfer session through the VPN tunnel to the remote computer. Eitherbefore or after creating the connection, typically before, one or moresheets of paper are scanned to create an image file. The image file isthen transmitted to the remote computer via the file transfer session.The file can be transferred to an inbox storage area associated with arecipient user or organization at the remote computer.

A similar method for use in a network scanner involves accepting a setof authentication data to identify a particular user who is using thenetwork scanner. The same GUI mailboxes and direct file transferservices are provided. A remote computer system logon address isreceived from a user indicative of a static application layer address.This could be a URL, URI, or a SIP address, for example. The method alsoinvolves interacting with a remote control server across the globalInternet to obtain remote access to one or more resources located on aprivate network to include a particular file folder associated with arecipient inbox. Again, the method also involves scanning a document togenerate an image file (usually, but not necessarily, before the networkconnection is set up), and transmitting the image file to the remotecomputer via the remote control server.

A similar method is the same as the above, except the static applicationlayer address corresponds to the remote control server, whereby adestination address is provided to the remote control server so that theremote control server can identify and access a recipient's computersystem in order to gain access thereto for purposes of carrying out theremaining steps of the method.

Another version of the method for use in a network scanner involvesaccepting a set of authentication data to identify a particular user whois using the network scanner, scanning one or more sheets of paper tocreate an image file, and offering a similar mailbox style GUI and thedirect file transfer services as described above. This version of themethod involves receiving from the particular user an application layeraddress associated with a remote computer reachable through a pathacross the global Internet. The destination of the path is defined bythe application layer address. Again, the method also involvestransmitting the image file to the remote computer via the path acrossthe global Internet.

In any of the methods above, the steps 225, 240 and 250 may optionallybe employed to apply authentication (e.g., a digital signature) and/orencryption to the image file, to receive a receipt token (possiblygenerated via cryptographic hashing to confirm integrity), and to markthe outbox of the GUI mailbox system to indicate when the file wasreceived by the destination computer and/or opened by the intendedrecipient. Depending on the particular implementation of the inventivemethod, an intermediate server may be involved for static-to-dynamicaddress translation or remote control access to a home computer orprivate network. Also, static addresses like URLs and URIs and othertypes of application layer addresses may be used with the help ofapplication layer to network and transport layer lookups (from clientside tables or server side databases) to locate the destination computeron the network and to set up a point-to-point transport path theretoacross the Internet, an intranet, or some other type of network like awireless data network or a Mobile IP network.

As discussed above, any of the scanner methods described herein can alsobe implemented on a combination of the network scanner 100 and a networkconnected PC running client side software. For example, the PC can havea built-in smart card reader, and the user identification and scannerrelated steps can be performed at the scanner and the strongauthentication steps and the transmission and protocol interaction stepscan be performed at the networked PC. Also, in any of the methods above,user authentication can be substituted with user identification if alower level of security is acceptable. Again, the authentication stepsdescribed herein can be performed at the PC and PC smart card readerprior to transmission as opposed to being performed by the client thatoperates on the scanner.

Referring now to FIG. 6, a method 600 according to another embodiment ofthe present invention is illustrated in flow chart form. In a first step605, a first party (user A) performs a logon procedure similar to steps205, 210, at a network scanner. Preferably, user A inserts a smart cardinto the scanner in the step 205. Next, a legally bindingsigned/executed document is inserted into the paper feeder and scanned,in a step 610. In a step 615, a set of one or more cryptographicalgorithms are then applied to the document and a digital signature(embedded in the document as a cryptographic hash function and/orapplied to each page as printable digital watermark or 2D bar code, forexample) is applied to the document to verify the user identity and/orencrypt the document according to a cryptographic system such aspublic-private key cryptography. The encryption algorithms may bepreferably applied by streaming the document (or file or folder) to andfrom (through) the smart card as previously described.

Next, in a step 620, the document is transmitted to a computer or emailaccount associated with a second party (user B). In a step 630, user Bperforms a similar logon procedure as user A did in step 605. Next, userB prints out either the whole document or just the signature page andsigns it and rescans one or more pages, at step 635. Next, the scanneddocument is reassembled and user B's cryptographic algorithm(s) areapplied to authenticate and/or encrypt the document according to userB's cryptographic information 640 similar to the procedure describedabove with respect to user A. At this juncture, the document containsboth user A and user B's electronic signatures and each page optionallycontains a digital watermark or 2D cryptographic bar code. In a step645, if applicable, the document is transmitted to a next party and thesame basic procedure (steps 625-645) is repeated until all signatorieshave executed the document.

Further elaboration of this method is made with reference to thefollowing example. The smart card preferably includes a digitalsignature application program that is particularly adapted to facilitateexecution of legal documents having judicially-acceptable evidentiaryvalue. For example, suppose a contract is to be signed by three parties.Once the parties have agreed on the contract, a first party signs thecontract and uses the network scanner to send it to a second party. Thenetwork scanner sends the document to the user's smart card whereprivate keys are applied to generate and apply a digital signature tothe entire document, and to optionally add the digital watermark or 2Dbar code of the first party in a footer. Next, the authenticated signeddocument is transmitted to a network address such as an email address ora special application layer address like an FTP address that correspondsto a second party to the contract. The second party preferably launchesa local copy of the inventive application program. The second party thenprints out the signature page, signs the signature block, and scans thesignature page back in. Now the signature page has two signatures. Theapplication program then preferably adds the signature page to theoriginal document. The second user's smart card and PIN are enteredthrough the second user's smart card so his/her digital signature andoptional digital watermarks can be added to the document. Next, thesecond user transmits the electronic document to the third user whorepeats the process and sends the fully executed document back to thefirst and second parties. In this manner, even large, multi-partycontracts can be efficiently executed in an electronic manner, and thefinal document is much more secure than even a document that has anoriginal signature of every party on every page.

In a preferred embodiment, the cryptographic algorithms are applied by aprocessor located on each user's smart card. The document is either sentin bulk or is streamed to the smart card and processed in blocks orsequentially due to the potentially limited storage on the smart card.In some cases, multiple passes may be needed to apply the cryptographicalgorithms to the entire document, but block applications of theencryption algorithm to portions of the document work just as well andare more efficient. In this manner, the private key information neverleaves the smart card. At the end of the process, a perfectly securedocument exists that is much more secure than a fax executed documentand is even harder to forge than a document with original pen and inksignatures. While the baseline cryptographic technology to implementsuch a document execution system has existed for some time, until nowthe lack of an integrated solution for document input, authentication,transmission and output has been lacking, and consequently, the existingcryptographic technology has not achieved widespread acceptance, and faxand regular mail or courier services are still regularly used to executelegal documents.

In another aspect of the invention, the concept of a networked printeris expanded to provide new services. A networked printer may be assignedan email address, an FTP address, or any other type of application layeraddress. In this aspect of the invention, the networked printer may beconfigured to print out received image files sent by networked scannerdevices. For example, a user may scan a document and instead of sendingit as an email attachment to a user's email address, the user may sendit to a special address analogous to a fax telephone number. A userinserts the document into the network scanner, the document is scanned,and the destination address corresponds to a networked printer locatedat a remote home or office. In this manner, a fax-type message can bereceived and printed, for example, by a printer attached to a router insomeone's home or at an office.

In another aspect of the present invention, a user or corporate entitymay have a published address that serves the same purpose as a faxnumber. For example, an address such as “documentReceipt@company.com”may be used similar to a fax number. If an image file is received atthis address, it can be automatically routed to a network printerlocated in the “company.com” domain and printed out. However, it isrecognized that unwanted spam uses up paper and toner resources.Therefore, in accordance with an aspect of the present invention,anti-spam or filtering software could be used to ensure that only imagefiles received from a list of pre-approved sending addresses and/or fromstrongly authenticated individuals would be automatically printed. (Ofcourse, it will be readily appreciated that many other anti-spam and/orfiltering criteria could be additionally or alternatively employed.) Allother received documents could be routed for electronic retrieval andprinted only if desired. While presently available fax machines have nodefense against fax-based spam advertising, the present invention allowsany type of spam filter to be used. Also, with the present invention,received documents need not be printed as soon as they are received, butcould be stored electronically and viewed on a computer screen and onlyprinted out if a paper copy is needed. Accordingly, the network scannerof the present invention greatly reduces the need to make paper copieswhen compared to analog fax based technology and is another step towardthe longstanding goal of the paperless office.

Although the present invention has been described with reference tospecific embodiments, other embodiments may occur to those skilled inthe art without deviating from the intended scope. Therefore, it is tobe understood that the invention herein encompasses all such embodimentswhich do not depart from the spirit and scope of the invention asdefined in the appended claims.

1-22. (canceled)
 23. A method implemented by a programmed network-serverbased computer system, the method comprising: the programmednetwork-server based computer system receiving, on behalf of an intendedrecipient, an authenticated image file from a stand-alone networkscanner device via a path across a global Internet, wherein theauthenticated image file includes particular scanned document datasufficient to enable reproduction of a particular scanned documentoriginally scanned by a particular sending user using the stand-alonenetwork scanner device, and further includes authentication data thatidentifies the particular sending user as having authenticatedhimself/herself at the stand-alone network scanner device as beingassociated with the particular scanned document; the programmednetwork-server based computer system storing archival data associatedwith the authenticated image file, wherein the archival data isaccessible at a future date and time in order to enable verification atthe future date and time that the particular sending user is associatedwith the authenticated image file, to enable reproduction of theparticular scanned document, and to provide a verification that thereproduction of the particular scanned document is substantiallyidentical to the particular scanned document as it was originallyscanned by the particular sending user using the stand-alone networkscanner device; the programmed network-server based computer systemtransmitting information related to the authenticated image file to aremote computerized device associated with the intended recipient; theprogrammed network-server based computer system providing a firstremotely accessible user interface for use by the particular sendinguser, to enable the particular sending user to access the particulardocument; and the programmed network-server based computer systemproviding a second remotely accessible user interface for use by theintended recipient to access the particular document.
 24. The method asset forth in claim 23, wherein the information related to theauthenticated image file comprises the authenticated image file itself.25. The method as set forth in claim 24, wherein the stand-alone networkscanner device employs a direct file transfer protocol for transmittingthe authenticated image file to the programmed network server-basedcomputer system.
 26. The method as set forth in claim 24, wherein thearchival data further enables verification at the future date and timethat the authenticated image file was received by the remotecomputerized device at a particular reception date and time.
 27. Themethod as set forth in claim 26, wherein the remote computerized deviceat least in part generates remote computerized device receiptconfirmation data by computing a cryptographic hash function on theauthenticated image file, and the remote computerized device sends theremote computerized device receipt confirmation data back to theprogrammed network server-based computer system.
 28. The method as setforth in claim 27, wherein the archival data further enablesverification at the future date and time that the authenticated imagefile was opened for viewing by the intended recipient at a particularviewing date and time, and the archival data is accessible to theparticular sending user via the first remotely accessible userinterface.
 29. The method as set forth in claim 23, wherein thetransmitting of the authenticated image file is performed only afterreceipt by the programmed network-server based computer system ofauthentication credentials of the intended recipient, and confirmationof a validity thereof.
 30. The method as set forth in claim 23, whereinthe programmed network-server based computer system provides asubscription-based archival service.
 31. The method as set forth inclaim 23, wherein the programmed network-server based computer systemprovides a subscription-based archival service, and the particularsending user and the intended recipient are subscribers to thesubscription-based archival service.
 32. The method as set forth inclaim 23, wherein the authenticated image file is encrypted.
 33. Themethod as set forth in claim 32, wherein the archival data furtherenables verification at the future date and time that the authenticatedand encrypted image file was received by the remote computerized deviceat a particular reception date and time.
 34. The method as set forth inclaim 23, wherein the remote computerized device is a personal computerassociated with the intended recipient.
 35. The method as set forth inclaim 23, wherein the remote computerized device is a second stand-alonenetwork scanner device associated with the intended recipient.
 36. Themethod as set forth in claim 23, wherein the remote computerized devicecomprises a networked computer coupled to a local area networkaccessible to the global Internet via a firewall.
 37. The method as setforth in claim 34, wherein the remote computerized device comprises anetworked computer coupled via a virtual private network tunnel throughthe global Internet to the programmed network-server based computer. 38.The method as set forth in claim 23, wherein the remote computerizeddevice is an Internet appliance endpoint device that provides a networkscanner function, a storage function, a printer function, an inbounddocument call function, an outbound document call function, and aclient-server network communication function.
 39. A method implementedby a programmed network-server based computer system, the methodcomprising: the programmed network-server based computer systemproviding a plurality of remotely accessible storage areas into which aplurality of remote stand-alone network scanner devices can transmitscanned image files, wherein each respective one of the plurality of theremotely accessible storage areas is remotely addressable in accordancewith a respective static application layer address associated with arespective user; the programmed network-server based computer systemreceiving, from a particular one of the plurality of stand-alone networkscanner devices, a request to initiate a point-to-point document call,wherein the request includes a particular static application layeraddress associated with an intended recipient; the programmednetwork-server based computer system performing a database translationto convert the particular static application layer address associatedwith the intended recipient into an active network address that servesas an endpoint address for use in the point-to-point document call; theprogrammed network-server based computer system establishing, with theparticular one of the plurality of stand-alone network scanner devices,the point-to-point document call via a path across a global Internet,and receiving, via the point-to-point document call, from the particularone of the plurality of stand-alone network scanner devices, anauthenticated image file; the programmed network-server based computersystem storing the authenticated image file into a respective storagearea associated with the intended recipient, wherein the authenticatedimage file includes a particular scanned document and cryptographic datasufficient to verify that the particular scanned document has not beenaltered since it was originally scanned by a particular sending userusing the particular one of the plurality of stand-alone network scannerdevices, and the authenticated image file further includesauthentication data that identifies the particular sending user ashaving authenticated himself/herself at the particular one of theplurality of stand-alone network scanner devices as being associatedwith the particular scanned document; and the programmed network-serverbased computer system storing archival data associated with theauthenticated image file, wherein the archival data identifies at leastthe particular sending user, the intended recipient and the date andtime the authenticated image file was received by the programmednetwork-server based computer system.
 40. The method as set forth inclaim 39, wherein the point-to-point document call is established inaccordance with a session initiation protocol (SIP).
 41. The method asset forth in claim 40, wherein the static application layer address is aSIP address.
 42. The method as set forth in claim 40, wherein the staticapplication layer address is a telephone number.
 43. The method as setforth in claim 40, wherein the programmed network-server based computersystem includes a SIP server function.
 44. The method as set forth inclaim 39, further comprising: the programmed network-server basedcomputer system transmitting the authenticated image file to a remotecomputerized device associated with the intended recipient, wherein theprogrammed network-server based computer system provides asubscription-based archival service to at least one member of the groupconsisting of the particular sending user and the intended recipient 45.The method as set forth in claim 44, wherein the programmednetwork-server based computer system performs the transmitting at a timesubsequent to its receipt of the authenticated image file from theparticular one of the plurality of stand-alone network scanner devices,in response to a detection that the remote computerized device hasbecome reachable via the global Internet.
 46. The method as set forth inclaim 44, wherein the programmed network-server based computer systemperforms the transmitting at a time subsequent to its receipt of theauthenticated image file from the particular one of the plurality ofstand-alone network scanner devices, in response to a request to accessthe authenticated image file, wherein the request is transmitted fromthe intended recipient via the remote computerized device and via a paththrough the global internet to the programmed network-server basedcomputer system.
 47. The method as set forth in claim 44, wherein theremote computerized device corresponds to an Internet appliance endpointdevice that provides a network scanner function, a storage function, aprinter function, an inbound document call function, an outbounddocument call function, and a client-server network communicationfunction.
 48. The method as set forth in claim 47, further comprising:the remote computerized device causing the particular scanned documentto be automatically printed in response to receipt of the authenticatedimage file.
 49. The method as set forth in claim 44, wherein thearchival data further enables verification at a future date and timethat the authenticated image file was received by the remotecomputerized device for use by the intended recipient at a particularreception date and time, and the archival data is accessible to theparticular sending user via a first remotely accessible user interface.50. The method as set forth in claim 49, wherein the remote computerizeddevice at least in part generates remote computerized device receiptconfirmation data by computing a cryptographic hash function on theauthenticated image file, and the remote computerized device sends theremote computerized device receipt confirmation data back to theprogrammed server-based computer system.
 51. The method as set forth inclaim 49, wherein the remote computerized device sends a particularscanned document opening confirmation back to the programmedserver-based computer system.
 52. The method as set forth in claim 51,wherein the archival data further enables verification at a future dateand time that the authenticated image file was opened for viewing by theintended recipient at a particular viewing date and time based upon theparticular scanned document opening confirmation, and the archival datais accessible to the particular sending user via the first remotelyaccessible user interface.
 53. The method as set forth in claim 39,wherein the programmed network-server based computer system provides asubscription-based archival service.
 54. The method as set forth inclaim 39, wherein the programmed network-server based computer systemprovides a subscription-based archival service, and the particularsending user and the intended recipient are subscribers to thesubscription-based archival service.
 55. A method implemented by aprogrammed network-server based computer system, the method comprising:the programmed network-server based computer system providing aplurality of remotely accessible storage areas into which a plurality ofremote stand-alone network scanner devices can transmit scanned imagefiles, wherein each respective one of the plurality of the remotelyaccessible storage areas is remotely addressable in accordance with arespective static application layer address associated with a respectiveuser; the programmed network-server based computer system receiving,from a particular one of the plurality of stand-alone network scannerdevices, a request to initiate a point-to-point document call to anintended recipient, wherein the request includes a particular staticapplication layer address associated with an intended recipient; theprogrammed network-server based computer system determining whether thepoint-to-point document call can be completed to a remote computerizeddevice associated with the intended recipient, via a path across aglobal Internet; if the determining provides an affirmative result, theprogrammed network-server based computer system sending to theparticular one of the plurality of stand-alone network scanner devicesan active network address indicative of where the remote computerizeddevice can currently receive point-to-point document calls via theglobal Internet, to thereby support the ability of the particular one ofthe plurality of stand-alone network scanner devices and the remotecomputerized device to establish the point-to-point document call; ifthe determining provides a negative result, the programmednetwork-server based computer system receiving via a path across theglobal Internet, from the particular one of the plurality of stand-alonenetwork scanner devices, an authenticated image file, and the programmednetwork-server based computer system storing the authenticated imagedocument into a particular one of the remotely accessible storage areasassociated with the static application layer address of the intendedrecipient, wherein the authenticated image file includes a particularscanned document and cryptographic data sufficient to verify that theparticular scanned document has not been altered since it was originallyscanned by a particular sending user using the particular one of theplurality of stand-alone network scanner devices, and the authenticatedimage file further includes authentication data that identifies theparticular sending user as having authenticated himself/herself at theparticular one of the plurality of stand-alone network scanner devicesas being associated with the particular scanned document; the programmednetwork-server based computer system storing archival data associatedwith the authenticated image file, wherein the archival data identifiesat least the particular sending user, the intended recipient and thedate and time the authenticated image file was received by theprogrammed network-server based computer system; and the programmednetwork-server based computer system transmitting the authenticatedimage file to the intended recipient at the remote computerized device.56. The method as set forth in claim 55, wherein the programmednetwork-server based computer system performs the transmitting at a timesubsequent to its receipt of the authenticated image file from theparticular one of the stand-alone network scanner devices in response toa detection that the remote computerized device has become reachable viathe global Internet.
 57. The method as set forth in claim 56, whereinthe remote computerized device corresponds to a second particular one ofthe plurality of stand-alone network scanner devices, and the secondparticular one of the plurality of stand-alone network scanner devicesis associated with the intended recipient.
 58. The method as set forthin claim 56, wherein the remote computerized device corresponds to anInternet appliance endpoint device that provides a network scannerfunction, a storage function, a printer function, an inbound documentcall function, an outbound document call function, and a client-servernetwork communication function.
 59. The method as set forth in claim 58,further comprising the remote computerized device causing the scanneddocument to be automatically printed in response to receipt of theauthenticated image file.
 60. The method as set forth in claim 55,wherein the programmed network-server based computer system performs thetransmitting at a time subsequent to its receipt of the authenticatedimage file from the particular one of the stand-alone network scannerdevices in response to a request received from the remote computerizeddevice.